The 2008 Australian study of remnant data contained on 2nd hand hard disks: the saga continues

TL;DR

This study examined second-hand enterprise hard drives from auctions, revealing a high prevalence of residual data, including sensitive information related to critical infrastructure, raising concerns about data security and the need for regulatory oversight.

Contribution

It provides updated forensic analysis of second-hand enterprise drives, highlighting the persistent presence of residual data and potential security risks.

Findings

High rate of un-erased drives containing sensitive data

Presence of data related to critical infrastructure providers

Need for government intervention in data sanitization

Abstract

This study looked for remnant data on enterprise level hard drives that were purchased through auctions. The drives were analysed for information, be it topical or formatted. In the event that drives were formatted, forensic tools were used to recover this data. This years study revealed a high level of not simply un-erased drives, but drives which contained information that related to critical infrastructure providers. That such a small sample size yielded such a high rate of un-erased drives is of considerable concern, and it may be necessary for the government to become involved.